Central instance to access all Apigee related resource activities
Message that represents an arbitrary HTTP body. It should only be used for payload formats that can’t be represented as JSON, such as raw binary or an HTML page. This message can be used both in streaming and non-streaming API methods in the request as well as the response. It can be used as a top-level request field, which is convenient if one wants to extract parameters from either the URL or HTTP template into the request fields and also want access to the raw HTTP body. Example: message GetResourceRequest { // A unique request id. string request_id = 1; // The raw HTTP body is bound to this field. google.api.HttpBody http_body = 2; } service ResourceService { rpc GetResource(GetResourceRequest) returns (google.api.HttpBody); rpc UpdateResource(google.api.HttpBody) returns (google.protobuf.Empty); } Example with streaming methods: service CaldavService { rpc GetCalendar(stream google.api.HttpBody) returns (stream google.api.HttpBody); rpc UpdateCalendar(stream google.api.HttpBody) returns (stream google.api.HttpBody); } Use of this type only changes how the request and response bodies are handled, all other features will continue to work unchanged.
APIProductAssociation has the API product and its administrative state association.
There is no detailed description.
Get action. For example, “Get” : { “name” : “target.name”, “value” : “default” }
Remove action. For example, “Remove” : { “name” : “target.name”, “success” : true }
Set action. For example, “Set” : { “name” : “target.name”, “success” : true, “value” : “default” }
Request for ActivateNatAddressRequest. Activate the nat address request.
Add-on configurations for the Apigee organization.
Request for AdjustDeveloperBalance.
Configuration for the Advanced API Ops add-on.
Reference to a certificate or key/certificate pair.
There is no detailed description.
Configuration for the Analytics add-on.
ApiCategory
represents an API category.
Catalog items can be tagged with API categories; users viewing the API catalog in the portal will have the option to browse the catalog by category.
The API category resource wrapped with response status, error_code, etc.
ApiDoc
represents an API catalog item. Catalog items are used in two ways in a portal: - Users can browse and interact with a visual representation of the API documentation - The api_product_name
field provides a link to a backing API product. Through this link, portal users can create and manage developer apps linked to one or more API products.
The documentation for a catalog item.
The catalog item documentation wrapped with response status, error_code, etc.
The catalog item resource wrapped with response status, error_code, etc.
There is no detailed description.
There is no detailed description.
Metadata describing the API proxy
API proxy revision.
Configurations of the API Security add-on.
Response for GetApiSecurityRuntimeConfig[EnvironmentService.GetApiSecurityRuntimeConfig].
There is no detailed description.
AppGroup contains the request/response fields representing the logical grouping of apps. Note that appgroup_id, create_time and update_time cannot be changed by the user, and gets updated by the system. The name and the organization once provided cannot be edited subsequently.
Response for [GetAppGroupApp].[AppGroupApps.GetAppGroupApp], [CreateAppGroupAppRequest].[AppGroupApp.CreateAppGroupAppRequest] and [DeleteAppGroupApp].[AppGroupApp.DeleteAppGroupApp]
AppGroupAppKey contains all the information associated with the credentials.
Archive Deployment information.
There is no detailed description.
There is no detailed description.
There is no detailed description.
Key-value pair to store extra metadata.
There is no detailed description.
Request for BatchUpdateSecurityIncident.
Response for BatchUpdateSecurityIncident.
CanaryEvaluation represents the canary analysis between two versions of the runtime that is serving requests.
Labels that can be used to filter Apigee metrics.
X.509 certificate as defined in RFC 5280.
There is no detailed description.
There is no detailed description.
Request for ComputeEnvironmentScores.
Filter scores by component path. Used custom filter instead of AIP-160 as the use cases are highly constrained and predictable.
Response for ComputeEnvironmentScores.
Version of the API proxy configuration schema. Currently, only 4.0 is supported.
Configuration for the Connectors Platform add-on.
There is no detailed description.
Request for CreditDeveloperBalance.
There is no detailed description.
This encapsulates a metric property of the form sum(message_count) where name is message_count and function is sum
Data collector configuration.
Data collector and its configuration.
The data store defines the connection to export data repository (Cloud Storage, BigQuery), including the credentials used to access the data repository.
Configuration detail for datastore
Date range of the data to export.
There is no detailed description.
There is no detailed description.
A transaction contains all of the debug information of the entire message flow of an API call processed by the runtime plane. The information is collected and recorded at critical points of the message flow in the runtime apiproxy.
There is no detailed description.
Response for certain delete operations.
There is no detailed description.
Response for GenerateDeployChangeReport and GenerateUndeployChangeReport. This report contains any validation failures that would cause the deployment to be rejected, as well changes and conflicts in routing that may occur due to the new deployment. The existence of a routing warning does not necessarily imply that the deployment request is bad, if the desired state of the deployment request is to effect a routing change. The primary purposes of the routing messages are: 1) To inform users of routing changes that may have an effect on traffic currently being routed to other existing deployments. 2) To warn users if some base path in the proxy will not receive traffic due to an existing deployment having already claimed that base path. The presence of routing conflicts/changes will not cause non-dry-run DeployApiProxy/UndeployApiProxy requests to be rejected.
Describes a potential routing change that may occur as a result of some deployment operation.
Describes a routing conflict that may cause a deployment not to receive traffic at some base path.
Tuple representing a base path and the deployment containing it.
NEXT ID: 11
DeploymentGroupConfig represents a deployment group that should be present in a particular environment.
There is no detailed description.
There is no detailed description.
There is no detailed description.
Account balance for the developer.
Wallet used to manage an account balance for a particular currency.
Monetization configuration for the developer.
Structure of a DeveloperSubscription.
Encapsulates a metric grouped by dimension.
Message to disable an enabled SecurityAction.
Documentation file contents for a catalog item.
Message to enable a disabled SecurityAction.
Apigee endpoint attachment. For more information, see [Southbound networking patterns] (https://cloud.google.com/apigee/docs/api-platform/architecture/southbound-networking-patterns-endpoints).
EndpointChainingRule specifies the proxies contained in a particular deployment group, so that other deployment groups can find them in chaining calls.
Metadata common to many entities in this API.
There is no detailed description.
There is no detailed description.
EnvironmentGroup configuration. An environment group is used to group one or more Apigee environments under a single host name.
EnvironmentGroupAttachment is a resource which defines an attachment of an environment to an environment group.
EnvironmentGroupConfig is a revisioned snapshot of an EnvironmentGroup and its associated routing rules.
Request for ExpireDeveloperSubscription.
Details of an export job.
Request body for [CreateExportRequest]
There is no detailed description.
There is no detailed description.
Request for GenerateDownloadUrl method.
Response for GenerateDownloadUrl method.
Request for GenerateUploadUrl method.
Response for GenerateUploadUrl method.
The response for GetAsyncQueryResultUrl
A Signed URL and the relevant metadata associated with it.
Request for GetSyncAuthorization.
Represents the pairing of GraphQL operation types and the GraphQL operation name.
Binds the resources in a proxy or remote service with the GraphQL operation and its associated quota enforcement.
List of graphQL operation configuration details associated with Apigee API proxies or remote services. Remote services are non-Apigee proxies, such as Istio-Envoy.
GraphQL documentation for a catalog item.
Binds the resources in a proxy or remote service with the gRPC operation and its associated quota enforcement.
List of gRPC operation configuration details associated with Apigee API proxies.
There is no detailed description.
Apigee runtime instance.
InstanceAttachment represents the installation of an environment onto an instance.
The status of a deployment as reported by a single instance.
Revisions deployed in the MPs.
Route deployed in the ingress routing table.
Configuration for the Integration add-on.
There is no detailed description.
Key value map pair where the value represents the data associated with the corresponding key. Note: Supported for Apigee hybrid 1.8.x and higher.
Collection of key/value string pairs.
Datastore for Certificates and Aliases.
There is no detailed description.
The response for ListApiCategoriesRequest
. Next ID: 6
There is no detailed description.
There is no detailed description.
To change this message, in the same CL add a change log in go/changing-api-proto-breaks-ui
Response for ListAppGroupApps
ListAppGroupsResponse contains the 0 or more AppGroups, along with the optional page token and the total count of apps.
There is no detailed description.
Response for ListArchiveDeployments method.
The response for ListAsyncQueries.
This message encapsulates a list of custom report definitions
Response for ListDataCollectors.
The response for ListDatastores
There is no detailed description.
There is no detailed description.
There is no detailed description.
Response for ListDeveloperSubscriptions.
Response for ListEndpointAttachments method.
Response for ListEnvironmentGroupAttachments.
Response for ListEnvironmentGroups.
Response for ListEnvironmentResources
The response for ListExports
There is no detailed description.
Response for ListInstanceAttachments.
Response for ListInstances.
The request structure for listing key value map keys and its corresponding values.
Response for ListNatAddresses.
There is no detailed description.
There is no detailed description.
Response for ListRatePlans.
Contains a list of SecurityActions in response to a ListSecurityActionRequest.
Response for ListSecurityIncidents.
Response for ListSecurityProfileRevisions.
Response for ListSecurityProfiles.
The response for SecurityReports.
To change this message, in the same CL add a change log in go/changing-api-proto-breaks-ui
Response for ListTraceConfigOverrides.
Encapsulates additional information about query execution.
Encapsulates the metric data point. For example: { "name": "sum(message_count)", "values" : [ { "timestamp": 1549004400000, "value": "39.0" }, { "timestamp" : 1548997200000, "value" : "0.0" } ] }
or { "name": "sum(message_count)", "values" : ["39.0"] }
The optionally aggregated metric to query with its ordering.
Configuration for the Monetization add-on.
Apigee NAT(network address translation) address. A NAT address is a static external IP address used for Internet egress traffic.
NodeConfig for setting the min/max number of nodes associated with the environment.
OpenAPI Specification documentation for a catalog item.
Represents the pairing of REST resource path and the actions (verbs) allowed on the resource path.
Binds the resources in an API proxy or remote service with the allowed REST methods and associated quota enforcement.
List of operation configuration details associated with Apigee API proxies or remote services. Remote services are non-Apigee proxies, such as Istio-Envoy.
There is no detailed description.
Encapsulates a data node as represented below: { "identifier": { "names": [ "apiproxy" ], "values": [ "sirjee" ] }, "metric": [ { "env": "prod", "name": "sum(message_count)", "values": [ 36.0 ] } ] }
or { "env": "prod", "name": "sum(message_count)", "values": [ 36.0 ] }
Depending on whether a dimension is present in the query or not the data node type can be a simple metric value or dimension identifier with list of metrics.
Encapsulates a response format for JavaScript Optimized Scenario.
There is no detailed description.
There is no detailed description.
There is no detailed description.
Point is a group of information collected by runtime plane at critical points of the message flow of the processed API request. This is a list of supported point IDs, categorized to three major buckets. For each category, debug points that we are currently supporting are listed below: - Flow status debug points: StateChange FlowInfo Condition Execution DebugMask Error - Flow control debug points: FlowCallout Paused Resumed FlowReturn BreakFlow Error - Runtime debug points: ScriptExecutor FlowCalloutStepDefinition CustomTarget StepDefinition Oauth2ServicePoint RaiseFault NodeJS The detail information of the given debug point is stored in a list of results.
ProfileConfig defines a set of categories and policies which will be used to compute security score.
Checks for abuse, which includes any requests sent to the API for purposes other than what it is intended for, such as high volumes of requests, data scraping, and abuse related to authorization.
By default, following policies will be included: - JWS - JWT - OAuth - BasicAuth - APIKey
Checks to see if you have CORS policy in place.
Advanced API Security provides security profile that scores the following categories.
Checks to see if you have configured mTLS for the target server.
By default, following policies will be included: - OASValidation - SOAPMessageValidation
By default, following policies will be included: - XMLThreatProtection - JSONThreatProtection
Message for compatibility with legacy Edge specification for Java Properties object in JSON.
A single property entry in the Properties message.
Request for ProvisionOrganization.
There is no detailed description.
There is no detailed description.
More info about Metric: https://docs.apigee.com/api-platform/analytics/analytics-reference#metrics
Request payload representing the query to be run for fetching security statistics as rows.
Encapsulates two kinds of stats that are results of the dimensions and aggregations requested. - Tabular rows. - Time series data. Example of tabular rows, Represents security stats results as a row of flat values.
QueryTimeSeriesStatsRequest represents a query that returns a collection of time series sequences grouped by their values.
Represents security stats result as a collection of time series sequences.
A sequence of time series.
Quota contains the essential parameters needed that can be applied on the resources, methods, API source combination associated with this API product. While Quota is optional, setting it prevents requests from exceeding the provisioned parameters.
Rate plan details.
API call volume range and the fees charged when the total number of API calls is within the range.
A Reference configuration. References must refer to a keystore that also exists in the parent environment.
There is no detailed description.
Request for ReportInstanceStatus.
Placeholder for future enhancements to status reporting protocol
There is no detailed description.
There is no detailed description.
Metadata about a resource file.
List of resource files.
The status of a resource loaded in the runtime.
Result is short for “action result”, could be different types identified by “action_result” field. Supported types: 1. DebugInfo : generic debug info collected by runtime recorded as a list of properties. For example, the contents could be virtual host info, state change result, or execution metadata. Required fields : properties, timestamp 2. RequestMessage: information of a http request. Contains headers, request URI and http methods type.Required fields : headers, uri, verb 3. ResponseMessage: information of a http response. Contains headers, reason phrase and http status code. Required fields : headers, reasonPhrase, statusCode 4. ErrorMessage: information of a http error message. Contains detail error message, reason phrase and status code. Required fields : content, headers, reasonPhrase, statusCode 5. VariableAccess: a list of variable access actions, can be Get, Set and Remove. Required fields : accessList
API call volume range and the percentage of revenue to share with the developer when the total number of API calls is within the range.
The status of a specific resource revision.
There is no detailed description.
RuntimeAddonsConfig defines the runtime configurations for add-ons in an environment.
Runtime configuration for the Analytics add-on.
Runtime configuration for the API Security add-on.
Runtime configuration for the organization. Response for GetRuntimeConfig.
NEXT ID: 8 RuntimeTraceConfig defines the configurations for distributed trace in an environment.
NEXT ID: 7 Trace configuration override for a specific API proxy in an environment.
NEXT ID: 3 RuntimeTraceSamplingConfig represents the detail settings of distributed tracing. Only the fields that are defined in the distributed trace configuration can be overridden using the distribute trace configuration override APIs.
Response for Schema call
Message type for the schema element
Properties for the schema field.
Represents Security Score.
Component is an individual security element that is scored.
Recommendation based on security concerns and score.
Action to improve security score.
Action context are all the relevant details for the action.
A SecurityAction is rule that can be enforced at an environment level. The result is one of: - A denied API call - An explicitly allowed API call - A flagged API call (HTTP headers added before the target receives it) At least one condition is required to create a SecurityAction.
Message that should be set in case of an Allow Action. This does not have any fields.
The following are a list of conditions. A valid SecurityAction must contain at least one condition. Within a condition, each element is ORed. Across conditions elements are ANDed. For example if a SecurityAction has the following: ip_address_ranges: [“ip1”, “ip2”] and bot_reasons: [“Flooder”, “Robot Abuser”] then this is interpreted as: enforce the action if the incoming request has ((ip_address_ranges = “ip1” OR ip_address_ranges = “ip2”) AND (bot_reasons=“Flooder” OR bot_reasons=“Robot Abuser”)). Conditions other than ip_address_ranges and bot_reasons cannot be ANDed.
Message that should be set in case of a Deny Action.
The message that should be set in the case of a Flag action.
An HTTP header.
SecurityActionsConfig reflects the current state of the SecurityActions feature. This is a singleton resource: https://google.aip.dev/156
Represents an SecurityIncident resource.
Represents a SecurityProfile resource.
Environment information of attached environments. Scoring an environment is enabled only if it is attached to a security profile.
Represents a SecurityProfileEnvironmentAssociation resource.
Security configurations to manage scoring.
SecurityReport saves all the information about the created security report.
Metadata for the security report.
Body structure when user makes a request to create a security report.
Metric of the Query
Contains informations about the security report results.
The response for security report result view APIs.
SecuritySettings reflects the current state of the SecuritySettings feature.
There is no detailed description.
Session carries the debug session id and its creation time.
Request for SetAddonEnablement.
Request for SetAddons.
The metadata describing a shared flow
The metadata describing a shared flow revision.
Encapsulates a stats
response.
Encapsulates the environment wrapper: "environments": [ { "metrics": [ { "name": "sum(message_count)", "values": [ "2.52056245E8" ] } ], "name": "prod" } ]
Encapsulates the hostname wrapper: "hosts": [ { "metrics": [ { "name": "sum(message_count)", "values": [ "2.52056245E8" ] } ], "name": "example.com" } ]
Pub/Sub subscription of an environment.
There is no detailed description.
TargetServer configuration. TargetServers are used to decouple a proxy TargetEndpoint HTTPTargetConnections from concrete URLs for backend services.
There is no detailed description.
The response for TestDatastore
TLS configuration information for virtual hosts and TargetServers.
There is no detailed description.
There is no detailed description.
TraceConfig defines the configurations in an environment of distributed trace.
A representation of a configuration override.
TraceSamplingConfig represents the detail settings of distributed tracing. Only the fields that are defined in the distributed trace configuration can be overridden using the distribute trace configuration override APIs.
Request for UpdateAppGroupAppKey
Details on why a resource update failed in the runtime.
Request for UpdateSecurityIncident.
Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both allServices
and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { “audit_configs”: [ { “service”: “allServices”, “audit_log_configs”: [ { “log_type”: “DATA_READ”, “exempted_members”: [ “user:jose@example.com” ] }, { “log_type”: “DATA_WRITE” }, { “log_type”: “ADMIN_READ” } ] }, { “service”: “sampleservice.googleapis.com”, “audit_log_configs”: [ { “log_type”: “DATA_READ” }, { “log_type”: “DATA_WRITE”, “exempted_members”: [ “user:aliya@example.com” ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts jose@example.com
from DATA_READ logging, and aliya@example.com
from DATA_WRITE logging.
Provides the configuration for logging a type of permissions. Example: { “audit_log_configs”: [ { “log_type”: “DATA_READ”, “exempted_members”: [ “user:jose@example.com” ] }, { “log_type”: “DATA_WRITE” } ] } This enables ‘DATA_READ’ and ‘DATA_WRITE’ logging, while exempting jose@example.com from DATA_READ logging.
Associates members
, or principals, with a role
.
An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A
Policy
is a collection of
bindings
. A
binding
binds one or more
members
, or principals, to a single
role
. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A
role
is a named list of permissions; each
role
can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a
binding
can also specify a
condition
, which is a logical expression that allows access to a resource only if the expression evaluates to
true
. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the
IAM documentation.
JSON example: { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }
YAML example: bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3
For a description of IAM and its features, see the
IAM documentation.
Request message for SetIamPolicy
method.
Request message for TestIamPermissions
method.
Response message for TestIamPermissions
method.
The response message for Operations.ListOperations.
This resource represents a long-running operation that is the result of a network API call.
A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }
Describes what preconditions have failed. For example, if an RPC failed because it required the Terms of Service to be acknowledged, it could list the terms of service violation in the PreconditionFailure message.
A message type used to describe a single precondition failure.
The
Status
type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by
gRPC. Each
Status
message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the
API Design Guide.
Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: “Summary size limit” description: “Determines if a summary is less than 100 chars” expression: “document.summary.size() < 100” Example (Equality): title: “Requestor is owner” description: “Determines if requestor is the document owner” expression: “document.owner == request.auth.claims.email” Example (Logic): title: “Public documents” description: “Determine whether the document should be publicly visible” expression: “document.type != ‘private’ && document.type != ‘internal’” Example (Data Manipulation): title: “Notification string” description: “Create a notification string with a timestamp.” expression: “’New message received at ’ + string(document.create_time)” The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.
Represents a time interval, encoded as a Timestamp start (inclusive) and a Timestamp end (exclusive). The start must be less than or equal to the end. When the start equals the end, the interval is empty (matches no time). When both start and end are unspecified, the interval matches any time.
Represents an amount of money with its currency type.
Lists hybrid services and its trusted issuers service account ids. This api is authenticated and unauthorized(allow all the users) and used by runtime authn-authz service to query control plane’s issuer service account ids.
A builder providing access to all methods supported on
hybrid resources.
It is not used directly, but through the
Apigee
hub.
Create a Datastore for an org
Delete a Datastore from an org.
Get a Datastore
List Datastores
Test if Datastore configuration is correct. This includes checking if credentials provided by customer have required permissions in target destination storage
Update a Datastore
Creates an API proxy. The API proxy created will not be accessible at runtime until it is deployed to an environment. Create a new API proxy by setting the name
query parameter to the name of the API proxy. Import an API proxy configuration bundle stored in zip format on your local machine to your organization by doing the following: * Set the name
query parameter to the name of the API proxy. * Set the action
query parameter to import
. * Set the Content-Type
header to multipart/form-data
. * Pass as a file the name of API proxy configuration bundle stored in zip format on your local machine using the file
form field. Note: To validate the API proxy configuration bundle only without importing it, set the action
query parameter to validate
. When importing an API proxy configuration bundle, if the API proxy does not exist, it will be created. If the API proxy exists, then a new revision is created. Invalid API proxy configurations are rejected, and a list of validation errors is returned to the client.
Deletes an API proxy and all associated endpoints, policies, resources, and revisions. The API proxy must be undeployed before you can delete it.
Lists all deployments of an API proxy.
Gets an API proxy including a list of existing revisions.
Creates a key value map in an API proxy.
Deletes a key value map from an API proxy.
Creates key value entries in a key value map scoped to an organization, environment, or API proxy. Note: Supported for Apigee hybrid 1.8.x and higher.
Deletes a key value entry from a key value map scoped to an organization, environment, or API proxy. Notes: * After you delete the key value entry, the policy consuming the entry will continue to function with its cached values for a few minutes. This is expected behavior. * Supported for Apigee hybrid 1.8.x and higher.
Get the key value entry value for a key value map scoped to an organization, environment, or API proxy. Note: Supported for Apigee hybrid 1.8.x and higher.
Lists key value entries for key values maps scoped to an organization, environment, or API proxy. Note: Supported for Apigee hybrid 1.8.x and higher.
Update key value entry scoped to an organization, environment, or API proxy for an existing key.
Lists the names of all API proxies in an organization. The names returned correspond to the names defined in the configuration files for each API proxy.
Updates an existing API proxy.
Deletes an API proxy revision and all policies, resources, endpoints, and revisions associated with it. The API proxy revision must be undeployed before you can delete it.
Lists all deployments of an API proxy revision.
Gets an API proxy revision. To download the API proxy configuration bundle for the specified revision as a zip file, set the
format
query parameter to
bundle
. If you are using curl, specify
-o filename.zip
to save the output to a file; otherwise, it displays to
stdout
. Then, develop the API proxy configuration locally and upload the updated API proxy configuration revision, as described in
updateApiProxyRevision.
Updates an existing API proxy revision by uploading the API proxy configuration bundle as a zip file from your local machine. You can update only API proxy revisions that have never been deployed. After deployment, an API proxy revision becomes immutable, even if it is undeployed. Set the Content-Type
header to either multipart/form-data
or application/octet-stream
.
Updates or creates API product attributes. This API replaces the current list of attributes with the attributes specified in the request body. In this way, you can update existing attributes, add new attributes, or delete existing attributes by omitting them from the request body. Note: OAuth access tokens and Key Management Service (KMS) entities (apps, developers, and API products) are cached for 180 seconds (current default). Any custom attributes associated with entities also get cached for at least 180 seconds after entity is accessed during runtime. In this case, the ExpiresIn
element on the OAuthV2 policy won’t be able to expire an access token in less than 180 seconds.
Deletes an API product attribute.
Gets the value of an API product attribute.
Lists all API product attributes.
Updates the value of an API product attribute. Note: OAuth access tokens and Key Management Service (KMS) entities (apps, developers, and API products) are cached for 180 seconds (current default). Any custom attributes associated with entities also get cached for at least 180 seconds after entity is accessed during runtime. In this case, the ExpiresIn
element on the OAuthV2 policy won’t be able to expire an access token in less than 180 seconds.
Creates an API product in an organization. You create API products after you have proxied backend services using API proxies. An API product is a collection of API resources combined with quota settings and metadata that you can use to deliver customized and productized API bundles to your developer community. This metadata can include: - Scope - Environments - API proxies - Extensible profile API products enable you repackage APIs on the fly, without having to do any additional coding or configuration. Apigee recommends that you start with a simple API product including only required elements. You then provision credentials to apps to enable them to start testing your APIs. After you have authentication and authorization working against a simple API product, you can iterate to create finer-grained API products, defining different sets of API resources for each API product. WARNING: - If you don’t specify an API proxy in the request body, any app associated with the product can make calls to any API in your entire organization. - If you don’t specify an environment in the request body, the product allows access to all environments. For more information, see What is an API product?
Deletes an API product from an organization. Deleting an API product causes app requests to the resource URIs defined in the API product to fail. Ensure that you create a new API product to serve existing apps, unless your intention is to disable access to the resources defined in the API product. The API product name required in the request URL is the internal name of the product, not the display name. While they may be the same, it depends on whether the API product was created via the UI or the API. View the list of API products to verify the internal name.
Gets configuration details for an API product. The API product name required in the request URL is the internal name of the product, not the display name. While they may be the same, it depends on whether the API product was created via the UI or the API. View the list of API products to verify the internal name.
Lists all API product names for an organization. Filter the list by passing an attributename
and attibutevalue
. The maximum number of API products returned is 1000. You can paginate the list of API products returned using the startKey
and count
query parameters.
Create a rate plan that is associated with an API product in an organization. Using rate plans, API product owners can monetize their API products by configuring one or more of the following: - Billing frequency - Initial setup fees for using an API product - Payment funding model (postpaid only) - Fixed recurring or consumption-based charges for using an API product - Revenue sharing with developer partners An API product can have multiple rate plans associated with it but only one rate plan can be active at any point of time. **Note: From the developer’s perspective, they purchase API products not rate plans.
Deletes a rate plan.
Gets the details of a rate plan.
Lists all the rate plans for an API product.
Updates an existing rate plan.
Updates an existing API product. You must include all required values, whether or not you are updating them, as well as any optional values that you are updating. The API product name required in the request URL is the internal name of the product, not the display name. While they may be the same, it depends on whether the API product was created via UI or API. View the list of API products to identify their internal names.
Gets the app profile for the specified app ID.
Lists IDs of apps within an organization that have the specified app status (approved or revoked) or are of the specified app type (developer or company).
Creates an app and associates it with an AppGroup. This API associates the AppGroup app with the specified API product and auto-generates an API key for the app to use in calls to API proxies inside that API product. The name
is the unique ID of the app that you can use in API calls.
Deletes an AppGroup app. Note: The delete operation is asynchronous. The AppGroup app is deleted immediately, but its associated resources, such as app keys or access tokens, may take anywhere from a few seconds to a few minutes to be deleted.
Returns the details for an AppGroup app.
Removes an API product from an app’s consumer key. After the API product is removed, the app cannot access the API resources defined in that API product. Note: The consumer key is not removed, only its association with the API product.
Approves or revokes the consumer key for an API product. After a consumer key is approved, the app can use it to access APIs. A consumer key that is revoked or pending cannot be used to access an API. Any access tokens associated with a revoked consumer key will remain active. However, Apigee checks the status of the consumer key and if set to revoked
will not allow access to the API.
Creates a custom consumer key and secret for a AppGroup app. This is particularly useful if you want to migrate existing consumer keys and secrets to Apigee from another system. Consumer keys and secrets can contain letters, numbers, underscores, and hyphens. No other special characters are allowed. To avoid service disruptions, a consumer key and secret should not exceed 2 KBs each. Note: When creating the consumer key and secret, an association to API products will not be made. Therefore, you should not specify the associated API products in your request. Instead, use the ProductizeAppGroupAppKey API to make the association after the consumer key and secret are created. If a consumer key and secret already exist, you can keep them or delete them using the DeleteAppGroupAppKey API.
Deletes an app’s consumer key and removes all API products associated with the app. After the consumer key is deleted, it cannot be used to access any APIs.
Gets details for a consumer key for a AppGroup app, including the key and secret value, associated API products, and other information.
Adds an API product to an AppGroupAppKey, enabling the app that holds the key to access the API resources bundled in the API product. In addition, you can add attributes to the AppGroupAppKey. This API replaces the existing attributes with those specified in the request. Include or exclude any existing attributes that you want to retain or delete, respectively. You can use the same key to access all API products associated with the app.
Lists all apps created by an AppGroup in an Apigee organization. Optionally, you can request an expanded view of the AppGroup apps. Lists all AppGroupApps in an AppGroup. A maximum of 1000 AppGroup apps are returned in the response if PageSize is not specified, or if the PageSize is greater than 1000.
Updates the details for an AppGroup app. In addition, you can add an API product to an AppGroup app and automatically generate an API key for the app to use when calling APIs in the API product. If you want to use an existing API key for the API product, add the API product to the API key using the UpdateAppGroupAppKey API. Using this API, you cannot update the app name, as it is the primary key used to identify the app and cannot be changed. This API replaces the existing attributes with those specified in the request. Include or exclude any existing attributes that you want to retain or delete, respectively.
Creates an AppGroup. Once created, user can register apps under the AppGroup to obtain secret key and password. At creation time, the AppGroup’s state is set as active
.
Deletes an AppGroup. All app and API keys associations with the AppGroup are also removed. Warning: This API will permanently delete the AppGroup and related artifacts. Note: The delete operation is asynchronous. The AppGroup app is deleted immediately, but its associated resources, such as apps and API keys, may take anywhere from a few seconds to a few minutes to be deleted.
Returns the AppGroup details for the provided AppGroup name in the request URI.
Lists all AppGroups in an organization. A maximum of 1000 AppGroups are returned in the response if PageSize is not specified, or if the PageSize is greater than 1000.
Updates an AppGroup. This API replaces the existing AppGroup details with those specified in the request. Include or exclude any existing details that you want to retain or delete, respectively. Note that the state of the AppGroup should be updated using action
, and not via AppGroup.
Creates a new data collector.
Deletes a data collector.
Gets a data collector.
Lists all data collectors.
Updates a data collector.
Delete an Apigee organization. For organizations with BillingType EVALUATION, an immediate deletion is performed. For paid organizations (Subscription or Pay-as-you-go), a soft-deletion is performed. The organization can be restored within the soft-deletion period, which is specified using the retention
field in the request or by filing a support ticket with Apigee. During the data retention period specified in the request, the Apigee organization cannot be recreated in the same Google Cloud project. IMPORTANT: The default data retention setting for this operation is 7 days. To permanently delete the organization in 24 hours, set the retention parameter to MINIMUM
.
Lists all deployments of API proxies or shared flows.
Updates attributes for a developer app. This API replaces the current attributes with those specified in the request.
Deletes a developer app attribute.
Returns a developer app attribute.
Returns a list of all developer app attributes.
Updates a developer app attribute. Note: OAuth access tokens and Key Management Service (KMS) entities (apps, developers, and API products) are cached for 180 seconds (current default). Any custom attributes associated with these entities are cached for at least 180 seconds after the entity is accessed at runtime. Therefore, an ExpiresIn
element on the OAuthV2 policy won’t be able to expire an access token in less than 180 seconds.
Creates an app associated with a developer. This API associates the developer app with the specified API product and auto-generates an API key for the app to use in calls to API proxies inside that API product. The name
is the unique ID of the app that you can use in API calls. The DisplayName
(set as an attribute) appears in the UI. If you don’t set the DisplayName
attribute, the name
appears in the UI.
Deletes a developer app. Note: The delete operation is asynchronous. The developer app is deleted immediately, but its associated resources, such as app keys or access tokens, may take anywhere from a few seconds to a few minutes to be deleted.
Manages access to a developer app by enabling you to: * Approve or revoke a developer app * Generate a new consumer key and secret for a developer app To approve or revoke a developer app, set the action
query parameter to approve
or revoke
, respectively, and the Content-Type
header to application/octet-stream
. If a developer app is revoked, none of its API keys are valid for API calls even though the keys are still approved. If successful, the API call returns the following HTTP status code: 204 No Content
To generate a new consumer key and secret for a developer app, pass the new key/secret details. Rather than replace an existing key, this API generates a new key. In this case, multiple key pairs may be associated with a single developer app. Each key pair has an independent status (approve
or revoke
) and expiration time. Any approved, non-expired key can be used in an API call. For example, if you’re using API key rotation, you can generate new keys with expiration times that overlap keys that are going to expire. You might also generate a new consumer key/secret if the security of the original key/secret is compromised. The keyExpiresIn
property defines the expiration time for the API key in milliseconds. If you don’t set this property or set it to -1
, the API key never expires. Notes: * When generating a new key/secret, this API replaces the existing attributes, notes, and callback URLs with those specified in the request. Include or exclude any existing information that you want to retain or delete, respectively. * To migrate existing consumer keys and secrets to hybrid from another system, see the CreateDeveloperAppKey API.
Returns the details for a developer app.
Removes an API product from an app’s consumer key. After the API product is removed, the app cannot access the API resources defined in that API product. Note: The consumer key is not removed, only its association with the API product.
Approves or revokes the consumer key for an API product. After a consumer key is approved, the app can use it to access APIs. A consumer key that is revoked or pending cannot be used to access an API. Any access tokens associated with a revoked consumer key will remain active. However, Apigee checks the status of the consumer key and if set to revoked
will not allow access to the API.
Creates a custom consumer key and secret for a developer app. This is particularly useful if you want to migrate existing consumer keys and secrets to Apigee from another system. Consumer keys and secrets can contain letters, numbers, underscores, and hyphens. No other special characters are allowed. To avoid service disruptions, a consumer key and secret should not exceed 2 KBs each. Note: When creating the consumer key and secret, an association to API products will not be made. Therefore, you should not specify the associated API products in your request. Instead, use the UpdateDeveloperAppKey API to make the association after the consumer key and secret are created. If a consumer key and secret already exist, you can keep them or delete them using the DeleteDeveloperAppKey API. Note: All keys start out with status=approved, even if status=revoked is passed when the key is created. To revoke a key, use the UpdateDeveloperAppKey API.
Creates a custom consumer key and secret for a developer app. This is particularly useful if you want to migrate existing consumer keys and secrets to Apigee from another system. Consumer keys and secrets can contain letters, numbers, underscores, and hyphens. No other special characters are allowed. To avoid service disruptions, a consumer key and secret should not exceed 2 KBs each. Note: When creating the consumer key and secret, an association to API products will not be made. Therefore, you should not specify the associated API products in your request. Instead, use the UpdateDeveloperAppKey API to make the association after the consumer key and secret are created. If a consumer key and secret already exist, you can keep them or delete them using the DeleteDeveloperAppKey API. Note: All keys start out with status=approved, even if status=revoked is passed when the key is created. To revoke a key, use the UpdateDeveloperAppKey API.
Deletes an app’s consumer key and removes all API products associated with the app. After the consumer key is deleted, it cannot be used to access any APIs. Note: After you delete a consumer key, you may want to: 1. Create a new consumer key and secret for the developer app using the CreateDeveloperAppKey API, and subsequently add an API product to the key using the UpdateDeveloperAppKey API. 2. Delete the developer app, if it is no longer required.
Gets details for a consumer key for a developer app, including the key and secret value, associated API products, and other information.
Updates the scope of an app. This API replaces the existing scopes with those specified in the request. Include or exclude any existing scopes that you want to retain or delete, respectively. The specified scopes must already be defined for the API products associated with the app. This API sets the scopes
element under the apiProducts
element in the attributes of the app.
Adds an API product to a developer app key, enabling the app that holds the key to access the API resources bundled in the API product. In addition, you can add attributes to a developer app key. This API replaces the existing attributes with those specified in the request. Include or exclude any existing attributes that you want to retain or delete, respectively. You can use the same key to access all API products associated with the app.
Lists all apps created by a developer in an Apigee organization. Optionally, you can request an expanded view of the developer apps. A maximum of 100 developer apps are returned per API call. You can paginate the list of deveoper apps returned using the startKey
and count
query parameters.
Updates the details for a developer app. In addition, you can add an API product to a developer app and automatically generate an API key for the app to use when calling APIs in the API product. If you want to use an existing API key for the API product, add the API product to the API key using the UpdateDeveloperAppKey API. Using this API, you cannot update the following: * App name as it is the primary key used to identify the app and cannot be changed. * Scopes associated with the app. Instead, use the ReplaceDeveloperAppKey API. This API replaces the existing attributes with those specified in the request. Include or exclude any existing attributes that you want to retain or delete, respectively.
Updates developer attributes. This API replaces the existing attributes with those specified in the request. Add new attributes, and include or exclude any existing attributes that you want to retain or remove, respectively. The custom attribute limit is 18. Note: OAuth access tokens and Key Management Service (KMS) entities (apps, developers, and API products) are cached for 180 seconds (default). Any custom attributes associated with these entities are cached for at least 180 seconds after the entity is accessed at runtime. Therefore, an ExpiresIn
element on the OAuthV2 policy won’t be able to expire an access token in less than 180 seconds.
Deletes a developer attribute.
Returns the value of the specified developer attribute.
Returns a list of all developer attributes.
Updates a developer attribute. Note: OAuth access tokens and Key Management Service (KMS) entities (apps, developers, and API products) are cached for 180 seconds (default). Any custom attributes associated with these entities are cached for at least 180 seconds after the entity is accessed at runtime. Therefore, an ExpiresIn
element on the OAuthV2 policy won’t be able to expire an access token in less than 180 seconds.
Adjust the prepaid balance for the developer. This API will be used in scenarios where the developer has been under-charged or over-charged.
Credits the account balance for the developer.
Creates a developer. Once created, the developer can register an app and obtain an API key. At creation time, a developer is set as active
. To change the developer status, use the SetDeveloperStatus API.
Deletes a developer. All apps and API keys associated with the developer are also removed. Warning: This API will permanently delete the developer and related artifacts. To avoid permanently deleting developers and their artifacts, set the developer status to inactive
using the SetDeveloperStatus API. Note: The delete operation is asynchronous. The developer app is deleted immediately, but its associated resources, such as apps and API keys, may take anywhere from a few seconds to a few minutes to be deleted.
Gets the account balance for the developer.
Returns the developer details, including the developer’s name, email address, apps, and other information. Note: The response includes only the first 100 developer apps.
Gets the monetization configuration for the developer.
Lists all developers in an organization by email address. By default, the response does not include company developers. Set the includeCompany
query parameter to true
to include company developers. Note: A maximum of 1000 developers are returned in the response. You paginate the list of developers returned using the startKey
and count
query parameters.
Sets the status of a developer. A developer is active
by default. If you set a developer’s status to inactive
, the API keys assigned to the developer apps are no longer valid even though the API keys are set to approved
. Inactive developers can still sign in to the developer portal and create apps; however, any new API keys generated during app creation won’t work. To set the status of a developer, set the action
query parameter to active
or inactive
, and the Content-Type
header to application/octet-stream
. If successful, the API call returns the following HTTP status code: 204 No Content
Creates a subscription to an API product.
Expires an API product subscription immediately.
Gets details for an API product subscription.
Lists all API product subscriptions for a developer.
Updates a developer. This API replaces the existing developer details with those specified in the request. Include or exclude any existing details that you want to retain or delete, respectively. The custom attribute limit is 18. Note: OAuth access tokens and Key Management Service (KMS) entities (apps, developers, and API products) are cached for 180 seconds (current default). Any custom attributes associated with these entities are cached for at least 180 seconds after the entity is accessed at runtime. Therefore, an ExpiresIn
element on the OAuthV2 policy won’t be able to expire an access token in less than 180 seconds.
Updates the monetization configuration for the developer.
Creates an endpoint attachment. Note: Not supported for Apigee hybrid.
Deletes an endpoint attachment.
Gets the endpoint attachment.
Lists the endpoint attachments in an organization.
Creates a new attachment of an environment to an environment group.
Deletes an environment group attachment.
Gets an environment group attachment.
Lists all attachments of an environment group.
Creates a new environment group.
Deletes an environment group.
Gets an environment group.
Gets the deployed ingress configuration for an environment group.
Lists all environment groups.
Updates an environment group.
Updates an add-on enablement status of an environment.
Gets a list of metrics and dimensions that can be used to create analytics queries and reports. Each schema element contains the name of the field, its associated type, and a flag indicating whether it is a standard or custom field.
Submit a data export job to be processed in the background. If the request is successful, the API returns a 201 status, a URI that can be used to retrieve the status of the export job, and the state
value of “enqueued”.
Gets the details and status of an analytics export job. If the export job is still in progress, its state
is set to “running”. After the export job has completed successfully, its state
is set to “completed”. If the export job fails, its state
is set to failed
.
Lists the details and status of all analytics export jobs belonging to the parent organization and environment.
Lists all deployments of an API proxy in an environment.
Creates a debug session for a deployed API Proxy revision.
Gets the debug data from a transaction.
Deletes the data from a debug session. This does not cancel the debug session or prevent further data from being collected if the session is still active in runtime pods.
Retrieves a debug session.
Lists debug sessions that are currently active in the given API Proxy revision.
Deploys a revision of an API proxy. If another revision of the same API proxy revision is currently deployed, set the override
parameter to true
to have this revision replace the currently deployed revision. You cannot invoke an API proxy until it has been deployed to an environment. After you deploy an API proxy revision, you cannot edit it. To edit the API proxy, you must create and deploy a new revision. For a request path organizations/{org}/environments/{env}/apis/{api}/revisions/{rev}/deployments
, two permissions are required: * apigee.deployments.create
on the resource organizations/{org}/environments/{env}
* apigee.proxyrevisions.deploy
on the resource organizations/{org}/apis/{api}/revisions/{rev}
Generates a report for a dry run analysis of a DeployApiProxy request without committing the deployment. In addition to the standard validations performed when adding deployments, additional analysis will be done to detect possible traffic routing changes that would result from this deployment being created. Any potential routing conflicts or unsafe changes will be reported in the response. This routing analysis is not performed for a non-dry-run DeployApiProxy request. For a request path organizations/{org}/environments/{env}/apis/{api}/revisions/{rev}/deployments:generateDeployChangeReport
, two permissions are required: * apigee.deployments.create
on the resource organizations/{org}/environments/{env}
* apigee.proxyrevisions.deploy
on the resource organizations/{org}/apis/{api}/revisions/{rev}
Generates a report for a dry run analysis of an UndeployApiProxy request without committing the undeploy. In addition to the standard validations performed when removing deployments, additional analysis will be done to detect possible traffic routing changes that would result from this deployment being removed. Any potential routing conflicts or unsafe changes will be reported in the response. This routing analysis is not performed for a non-dry-run UndeployApiProxy request. For a request path organizations/{org}/environments/{env}/apis/{api}/revisions/{rev}/deployments:generateUndeployChangeReport
, two permissions are required: * apigee.deployments.delete
on the resource organizations/{org}/environments/{env}
* apigee.proxyrevisions.undeploy
on the resource organizations/{org}/apis/{api}/revisions/{rev}
Gets the deployment of an API proxy revision and actual state reported by runtime pods.
Undeploys an API proxy revision from an environment. For a request path organizations/{org}/environments/{env}/apis/{api}/revisions/{rev}/deployments
, two permissions are required: * apigee.deployments.delete
on the resource organizations/{org}/environments/{env}
* apigee.proxyrevisions.undeploy
on the resource organizations/{org}/apis/{api}/revisions/{rev}
Creates a new ArchiveDeployment.
Deletes an archive deployment.
Generates a signed URL for downloading the original zip file used to create an Archive Deployment. The URL is only valid for a limited period and should be used within minutes after generation. Each call returns a new upload URL.
Generates a signed URL for uploading an Archive zip file to Google Cloud Storage. Once the upload is complete, the signed URL should be passed to CreateArchiveDeployment. When uploading to the generated signed URL, please follow these restrictions: * Source file type should be a zip file. * Source file size should not exceed 1GB limit. * No credentials should be attached - the signed URLs provide access to the target bucket using internal service identity; if credentials were attached, the identity from the credentials would be used, but that identity does not have permissions to upload files to the URL. When making a HTTP PUT request, these two headers need to be specified: * content-type: application/zip
* x-goog-content-length-range: 0,1073741824
And this header SHOULD NOT be specified: * Authorization: Bearer YOUR_TOKEN
Gets the specified ArchiveDeployment.
Lists the ArchiveDeployments in the specified Environment.
Updates an existing ArchiveDeployment. Labels can modified but most of the other fields are not modifiable.
Deletes a cache.
Creates an environment in an organization.
Deletes an environment from an organization. Warning: You must delete all key value maps and key value entries before you delete an environment. Otherwise, if you re-create the environment the key value map entry operations will encounter encryption/decryption discrepancies.
Lists all deployments of API proxies or shared flows in an environment.
Attaches a shared flow to a flow hook.
Detaches a shared flow from a flow hook.
Returns the name of the shared flow attached to the specified flow hook. If there’s no shared flow attached to the flow hook, the API does not return an error; it simply does not return a name in the response.
Gets the add-ons config of an environment.
Gets the API Security runtime configuration for an environment. This named ApiSecurityRuntimeConfig to prevent conflicts with ApiSecurityConfig from addon config.
Gets environment details.
Gets the debug mask singleton resource for an environment.
Gets the deployed configuration for an environment.
GetSecurityActionConfig returns the current SecurityActions configuration.
Get distributed trace configuration in an environment.
Creates an alias from a key/certificate pair. The structure of the request is controlled by the format
query parameter: - keycertfile
- Separate PEM-encoded key and certificate files are uploaded. Set Content-Type: multipart/form-data
and include the keyFile
, certFile
, and password
(if keys are encrypted) fields in the request body. If uploading to a truststore, omit keyFile
. - pkcs12
- A PKCS12 file is uploaded. Set Content-Type: multipart/form-data
, provide the file in the file
field, and include the password
field if the file is encrypted in the request body. - selfsignedcert
- A new private key and certificate are generated. Set Content-Type: application/json
and include CertificateGenerationSpec in the request body.
Generates a PKCS #10 Certificate Signing Request for the private key in an alias.
Deletes an alias.
Gets an alias.
Gets the certificate from an alias in PEM-encoded form.
Updates the certificate in an alias.
Creates a keystore or truststore. - Keystore: Contains certificates and their associated keys. - Truststore: Contains trusted certificates used to validate a server’s certificate. These certificates are typically self-signed certificates or certificates that are not signed by a trusted CA.
Deletes a keystore or truststore.
Gets a keystore or truststore.
Creates a key value map in an environment.
Deletes a key value map from an environment.
Creates key value entries in a key value map scoped to an organization, environment, or API proxy. Note: Supported for Apigee hybrid 1.8.x and higher.
Deletes a key value entry from a key value map scoped to an organization, environment, or API proxy. Notes: * After you delete the key value entry, the policy consuming the entry will continue to function with its cached values for a few minutes. This is expected behavior. * Supported for Apigee hybrid 1.8.x and higher.
Get the key value entry value for a key value map scoped to an organization, environment, or API proxy. Note: Supported for Apigee hybrid 1.8.x and higher.
Lists key value entries for key values maps scoped to an organization, environment, or API proxy. Note: Supported for Apigee hybrid 1.8.x and higher.
Update key value entry scoped to an organization, environment, or API proxy for an existing key.
Updates properties for an Apigee environment with patch semantics using a field mask. Note: Not supported for Apigee hybrid.
Similar to GetStats except that the response is less verbose.
Submit a query to be processed in the background. If the submission of the query succeeds, the API returns a 201 status and an ID that refer to the query. In addition to the HTTP status 201, the state
of “enqueued” means that the request succeeded.
Get query status If the query is still in progress, the state
is set to “running” After the query has completed successfully, state
is set to “completed”
After the query is completed, use this API to retrieve the results. If the request succeeds, and there is a non-zero result set, the result is downloaded to the client as a zipped JSON file. The name of the downloaded file will be: OfflineQueryResult-.zip Example: OfflineQueryResult-9cfc0d85-0f30-46d6-ae6f-318d0cb961bd.zip
After the query is completed, use this API to retrieve the results. If the request succeeds, and there is a non-zero result set, the result is sent to the client as a list of urls to JSON files.
Return a list of Asynchronous Queries
Creates a Reference in the specified environment.
Deletes a Reference from an environment. Returns the deleted Reference resource.
Gets a Reference resource.
Updates an existing Reference. Note that this operation has PUT semantics; it will replace the entirety of the existing Reference with the resource in the request body.
Creates a resource file. Specify the
Content-Type
as
application/octet-stream
or
multipart/form-data
. For more information about resource files, see
Resource files.
Deletes a resource file. For more information about resource files, see
Resource files.
Gets the contents of a resource file. For more information about resource files, see
Resource files.
Lists all resource files, optionally filtering by type. For more information about resource files, see
Resource files.
Lists all resource files, optionally filtering by type. For more information about resource files, see
Resource files.
Updates a resource file. Specify the
Content-Type
as
application/octet-stream
or
multipart/form-data
. For more information about resource files, see
Resource files.
CreateSecurityAction creates a SecurityAction.
Disable a SecurityAction. The state
of the SecurityAction after disabling is DISABLED
. DisableSecurityAction
can be called on SecurityActions in the state ENABLED
; SecurityActions in a different state (including DISABLED
) return an error.
Enable a SecurityAction. The state
of the SecurityAction after enabling is ENABLED
. EnableSecurityAction
can be called on SecurityActions in the state DISABLED
; SecurityActions in a different state (including `ENABLED) return an error.
Get a SecurityAction by name.
Returns a list of SecurityActions. This returns both enabled and disabled actions.
BatchUpdateSecurityIncident updates multiple existing security incidents.
GetSecurityIncident gets the specified security incident. Returns NOT_FOUND if security incident is not present for the specified organization and environment.
ListSecurityIncidents lists all the security incident associated with the environment.
UpdateSecurityIncidents updates an existing security incident.
Submit a report request to be processed in the background. If the submission succeeds, the API returns a 200 status and an ID that refer to the report request. In addition to the HTTP status 200, the state
of “enqueued” means that the request succeeded.
Get security report status If the query is still in progress, the state
is set to “running” After the query has completed successfully, state
is set to “completed”
After the query is completed, use this API to retrieve the results as file. If the request succeeds, and there is a non-zero result set, the result is downloaded to the client as a zipped JSON file. The name of the downloaded file will be: OfflineQueryResult-.zip Example: OfflineQueryResult-9cfc0d85-0f30-46d6-ae6f-318d0cb961bd.zip
After the query is completed, use this API to view the query result when result size is small.
Return a list of Security Reports
Retrieve security statistics as tabular rows.
Retrieve security statistics as a collection of time series.
Lists all deployments of a shared flow in an environment.
Deploys a revision of a shared flow. If another revision of the same shared flow is currently deployed, set the override
parameter to true
to have this revision replace the currently deployed revision. You cannot use a shared flow until it has been deployed to an environment. For a request path organizations/{org}/environments/{env}/sharedflows/{sf}/revisions/{rev}/deployments
, two permissions are required: * apigee.deployments.create
on the resource organizations/{org}/environments/{env}
* apigee.sharedflowrevisions.deploy
on the resource organizations/{org}/sharedflows/{sf}/revisions/{rev}
Gets the deployment of a shared flow revision and actual state reported by runtime pods.
Undeploys a shared flow revision from an environment. For a request path organizations/{org}/environments/{env}/sharedflows/{sf}/revisions/{rev}/deployments
, two permissions are required: * apigee.deployments.delete
on the resource organizations/{org}/environments/{env}
* apigee.sharedflowrevisions.undeploy
on the resource organizations/{org}/sharedflows/{sf}/revisions/{rev}
Retrieve metrics grouped by dimensions. The types of metrics you can retrieve include traffic, message counts, API call latency, response size, and cache hits and counts. Dimensions let you view metrics in meaningful groups. You can optionally pass dimensions as path parameters to the stats
API. If dimensions are not specified, the metrics are computed on the entire set of data for the given time range.
Creates a subscription for the environment’s Pub/Sub topic. The server will assign a random name for this subscription. The “name” and “push_config” must not be specified.
Creates a TargetServer in the specified environment.
Deletes a TargetServer from an environment. Returns the deleted TargetServer resource.
Gets a TargetServer resource.
Updates an existing TargetServer. Note that this operation has PUT semantics; it will replace the entirety of the existing TargetServer with the resource in the request body.
Tests the permissions of a user on an environment, and returns a subset of permissions that the user has on the environment. If the environment does not exist, an empty permission set is returned (a NOT_FOUND error is not returned).
Creates a trace configuration override. The response contains a system-generated UUID, that can be used to view, update, or delete the configuration override. Use the List API to view the existing trace configuration overrides.
Deletes a distributed trace configuration override.
Gets a trace configuration override.
Lists all of the distributed trace configuration overrides in an environment.
Updates a distributed trace configuration override. Note that the repeated fields have replace semantics when included in the field mask and that they will be overwritten by the value of the fields in the request body.
Deletes a subscription for the environment’s Pub/Sub topic.
Updates an existing environment. When updating properties, you must pass all existing properties to the API, even if they are not being changed. If you omit properties from the payload, the properties are removed. To get the current list of properties for the environment, use the
Get Environment API.
Note: Both
PUT
and
POST
methods are supported for updating an existing environment.
Updates the debug mask singleton resource for an environment.
Updates an existing environment. When updating properties, you must pass all existing properties to the API, even if they are not being changed. If you omit properties from the payload, the properties are removed. To get the current list of properties for the environment, use the
Get Environment API.
Note: Both
PUT
and
POST
methods are supported for updating an existing environment.
UpdateSecurityActionConfig updates the current SecurityActions configuration. This method is used to enable/disable the feature at the environment level.
Updates the trace configurations in an environment. Note that the repeated fields have replace semantics when included in the field mask and that they will be overwritten by the value of the fields in the request body.
Gets the deployed ingress configuration for an organization.
Gets the project ID and region for an Apigee organization.
Get runtime config for an organization.
GetSecuritySettings gets the security settings for API Security.
Lists the service accounts with the permissions required to allow the Synchronizer to download environment data from the control plane. An ETag is returned in the response to
getSyncAuthorization
. Pass that ETag when calling
setSyncAuthorization to ensure that you are updating the correct version. If you don’t pass the ETag in the call to
setSyncAuthorization
, then the existing authorization is overwritten indiscriminately. For more information, see
Configure the Synchronizer.
Note: Available to Apigee hybrid only.
Submit a query at host level to be processed in the background. If the submission of the query succeeds, the API returns a 201 status and an ID that refer to the query. In addition to the HTTP status 201, the state
of “enqueued” means that the request succeeded.
Get status of a query submitted at host level. If the query is still in progress, the state
is set to “running” After the query has completed successfully, state
is set to “completed”
After the query is completed, use this API to retrieve the results. If the request succeeds, and there is a non-zero result set, the result is downloaded to the client as a zipped JSON file. The name of the downloaded file will be: OfflineQueryResult-.zip Example: OfflineQueryResult-9cfc0d85-0f30-46d6-ae6f-318d0cb961bd.zip
A builder for the
hostQueries.getResultView method supported by a
organization resource.
It is not used directly, but through a
OrganizationMethods
instance.
Return a list of Asynchronous Queries at host level.
Submit a query at host level to be processed in the background. If the submission of the query succeeds, the API returns a 201 status and an ID that refer to the query. In addition to the HTTP status 201, the state
of “enqueued” means that the request succeeded.
Get status of a query submitted at host level. If the query is still in progress, the state
is set to “running” After the query has completed successfully, state
is set to “completed”
After the query is completed, use this API to retrieve the results. If the request succeeds, and there is a non-zero result set, the result is downloaded to the client as a zipped JSON file. The name of the downloaded file will be: OfflineQueryResult-.zip Example: OfflineQueryResult-9cfc0d85-0f30-46d6-ae6f-318d0cb961bd.zip
After the query is completed, use this API to view the query result when result size is small.
Return a list of Security Reports at host level.
Retrieve metrics grouped by dimensions in host level. The types of metrics you can retrieve include traffic, message counts, API call latency, response size, and cache hits and counts. Dimensions let you view metrics in meaningful groups. You can optionally pass dimensions as path parameters to the stats
API. If dimensions are not specified, the metrics are computed on the entire set of data for the given time range.
Creates a new attachment of an environment to an instance. Note: Not supported for Apigee hybrid.
Deletes an attachment. Note: Not supported for Apigee hybrid.
Gets an attachment. Note: Not supported for Apigee hybrid.
Lists all attachments to an instance. Note: Not supported for Apigee hybrid.
Creates a new canary evaluation for an organization.
Gets a CanaryEvaluation for an organization.
Creates an Apigee runtime instance. The instance is accessible from the authorized network configured on the organization. Note: Not supported for Apigee hybrid.
Deletes an Apigee runtime instance. The instance stops serving requests and the runtime data is deleted. Note: Not supported for Apigee hybrid.
Gets the details for an Apigee runtime instance. Note: Not supported for Apigee hybrid.
Lists all Apigee runtime instances for the organization. Note: Not supported for Apigee hybrid.
Activates the NAT address. The Apigee instance can now use this for Internet egress traffic. Note: Not supported for Apigee hybrid.
Creates a NAT address. The address is created in the RESERVED state and a static external IP address will be provisioned. At this time, the instance will not use this IP address for Internet egress traffic. The address can be activated for use once any required firewall IP whitelisting has been completed. Note: Not supported for Apigee hybrid.
Deletes the NAT address. Connections that are actively using the address are drained before it is removed. Note: Not supported for Apigee hybrid.
Gets the details of a NAT address. Note: Not supported for Apigee hybrid.
Lists the NAT addresses for an Apigee instance. Note: Not supported for Apigee hybrid.
Updates an Apigee runtime instance. You can update the fields described in NodeConfig. No other fields will be updated. Note: Not supported for Apigee hybrid.
Reports the latest status for a runtime instance.
Creates a key value map in an organization.
Deletes a key value map from an organization.
Creates key value entries in a key value map scoped to an organization, environment, or API proxy. Note: Supported for Apigee hybrid 1.8.x and higher.
Deletes a key value entry from a key value map scoped to an organization, environment, or API proxy. Notes: * After you delete the key value entry, the policy consuming the entry will continue to function with its cached values for a few minutes. This is expected behavior. * Supported for Apigee hybrid 1.8.x and higher.
Get the key value entry value for a key value map scoped to an organization, environment, or API proxy. Note: Supported for Apigee hybrid 1.8.x and higher.
Lists key value entries for key values maps scoped to an organization, environment, or API proxy. Note: Supported for Apigee hybrid 1.8.x and higher.
Update key value entry scoped to an organization, environment, or API proxy for an existing key.
Lists the Apigee organizations and associated Google Cloud projects that you have permission to access. See
Understanding organizations.
A builder providing access to all methods supported on
organization resources.
It is not used directly, but through the
Apigee
hub.
Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.
Lists operations that match the specified filter in the request. If the server doesn’t support this method, it returns UNIMPLEMENTED
.
Similar to GetHostStats except that the response is less verbose.
Creates a Custom Report for an Organization. A Custom Report provides Apigee Customers to create custom dashboards in addition to the standard dashboards which are provided. The Custom Report in its simplest form contains specifications about metrics, dimensions and filters. It is important to note that the custom report by itself does not provide an executable entity. The Edge UI converts the custom report definition into an analytics query and displays the result in a chart.
Deletes an existing custom report definition
Retrieve a custom report definition.
Return a list of Custom Reports
Update an existing custom report definition
CreateSecurityProfile create a new custom security profile.
DeleteSecurityProfile delete a profile with all its revisions.
ComputeEnvironmentScores calculates scores for requested time range for the specified security profile and environment.
CreateSecurityProfileEnvironmentAssociation creates profile environment association i.e. attaches environment to security profile.
DeleteSecurityProfileEnvironmentAssociation removes profile environment association i.e. detaches environment from security profile.
GetSecurityProfile gets the specified security profile. Returns NOT_FOUND if security profile is not present for the specified organization.
ListSecurityProfiles lists all the security profiles associated with the org including attached and unattached profiles.
ListSecurityProfileRevisions lists all the revisions of the security profile.
UpdateSecurityProfile update the metadata of security profile.
Configures the add-ons for the Apigee organization. The existing add-on configuration will be fully replaced.
Sets the permissions required to allow the Synchronizer to download environment data from the control plane. You must call this API to enable proper functioning of hybrid. Pass the ETag when calling
setSyncAuthorization
to ensure that you are updating the correct version. To get an ETag, call
getSyncAuthorization. If you don’t pass the ETag in the call to
setSyncAuthorization
, then the existing authorization is overwritten indiscriminately. For more information, see
Configure the Synchronizer.
Note: Available to Apigee hybrid only.
Uploads a ZIP-formatted shared flow configuration bundle to an organization. If the shared flow already exists, this creates a new revision of it. If the shared flow does not exist, this creates it. Once imported, the shared flow revision must be deployed before it can be accessed at runtime. The size limit of a shared flow bundle is 15 MB.
Deletes a shared flow and all it’s revisions. The shared flow must be undeployed before you can delete it.
Lists all deployments of a shared flow.
Gets a shared flow by name, including a list of its revisions.
Lists all shared flows in the organization.
Deletes a shared flow and all associated policies, resources, and revisions. You must undeploy the shared flow before deleting it.
Lists all deployments of a shared flow revision.
Gets a revision of a shared flow. To download the shared flow configuration bundle for the specified revision as a zip file, set the
format
query parameter to
bundle
. If you are using curl, specify
-o filename.zip
to save the output to a file; otherwise, it displays to
stdout
. Then, develop the shared flow configuration locally and upload the updated sharedFlow configuration revision, as described in
updateSharedFlowRevision.
Updates a shared flow revision. This operation is only allowed on revisions which have never been deployed. After deployment a revision becomes immutable, even if it becomes undeployed. The payload is a ZIP-formatted shared flow. Content type must be either multipart/form-data or application/octet-stream.
Creates a new API category.
Deletes an API category.
Gets an API category.
Returns the API categories associated with a portal.
Updates an API category.
Creates a new catalog item.
Deletes a catalog item.
Gets a catalog item.
Gets the documentation for the specified catalog item.
Returns the catalog items associated with a portal.
Updates a catalog item.
Updates the documentation for the specified catalog item. Note that the documentation file contents will not be populated in the return message.
Updates the properties for an Apigee organization. No other fields in the organization profile will be updated.
UpdateSecuritySettings updates the current security settings for API Security.
A builder providing access to all methods supported on
project resources.
It is not used directly, but through the
Apigee
hub.
Provisions a new Apigee organization with a functioning runtime. This is the standard way to create trial organizations for a free Apigee trial.